badger.foo (447981) writes "Peter Hansteen reports that a new distributed and slow-moving password guessing effort is underway, much like the earlier reports, but this time with a twist: The users they are trying to access do not exist. Instead, they're take from the bsdly.net spamtrap address list, where all listed email addresses are guaranteed to be invalid in their listed domains. There is a tiny chance that this is an elaborate prank or joke, but it's more likely that via excessive automation, the password gropers have finally Peak Stupid." Link to Original Source top
Have you changed your password lately? Does it even matter?
badger.foo (447981) writes "Do frequent password changes actually matter security wise? Or do they just make us pick the minimum complexity password the system will accept? I want your opinion. In his latest piece, Peter Hansteen wants your opinion on common security enforcement practices and even offers a poll about enforced password changes. Let loose the debate rage!" Link to Original Source top
What is it that you want to learn about OpenBSD 5.5?
badger.foo (447981) writes "In the upcoming OpenBSD 5.5 release there will be a number of improvements, including a whole new traffic shaping system, automatic installer improvements and the switch to 64-bit time_t.
badger.foo (447981) writes "Have you ever wanted to know what's really going on in your network? Some free tools with surprising origins can help you to an almost frightening degree. Peter Hansteen shares some monitoring insights, anecdotes and practical advice in his latest column on how to really know your network. All of it with free software, of course." Link to Original Source top
Effective Spam and Malware Countermeasures Using Free Tools
badger.foo (447981) writes "It fell to the UK Tories to actually implement the Nanny State. Too bad Nanny Tory does not want kinds to read up on tech web sites such as slashdot.org, or civil liberties ones such as the EFF or Amnesty International. Read on for a small sample of what the filter blocks, from a blocked-by-default tech writer." Link to Original Source top
Modern Microsoft Word Does Not Reliably Read Earlier Formats: A 1989 Print Test
badger.foo (447981) writes "Against ridiculous odds and even after gaining some media focus, the botnet dubbed The Hail Mary Cloud apparently succeeded in staying under the radar and kept compromising Linux machines for several years. This article sums up the known facts about the botnet and suggests some practical measures to keep your servers safe." Link to Original Source top
The Term Hackathon Has Been Trademarked In Germany
badger.foo (447981) writes "Trademarking somebody else's idea is behind their back is both a bad idea and highly immoral. If it wasn't your idea, you don't trademark and you don't patent. It really is that simple, people.
badger.foo (447981) writes "When you're in the business of building the networks people need and the services they need to run on them, you may also be running a mail service. If you do, you will sooner or later need to deal with spam. This article is about how to waste spammers' time and have a good time while doing it, using the free tools OpenBSD offers to do your greylisting and greytrapping before any content filtering. It's fun and easy." Link to Original Source top
You've Just Installed OpenBSD. Now What? Packages!
badger.foo (447981) writes "When you publicly assert that somebody sent spam, you need to ensure that your data is accurate. Your process needs to be simple and verifiable, and to compensate for any errors, you want your process to be transparent to the public with clear points of contact and line of responsibility. Here are some pointers from the operator of the bsdly.net greytrap-based blacklist." Link to Original Source top
badger.foo writes "You thought you had successfully avoided the tiresome password guessing bots groping at your SSH service by moving the service to a non-standard port? It seems security by obscurity has lost the game once more. We're now seeing ssh bruteforce attempts hitting other ports too, Peter Hansteen writes in his latest column." Link to Original Source top
You're Being DDOSed - What Do You Do? Name And Shame?
badger.foo writes "When you're hit with a DDOS, what do you do? In his most recent column, Peter Hansteen narrates a recent incident that involved a DNS based DDOS against his infrastructure and that of some old friends of his. He ends up asking, should we actively publish or 'name and shame' DDOS participants (or at least their IP addresses)? How about scans that may or may not be preparations for DDOSes to come?" Link to Original Source top
badger.foo writes "Remember the PirateBay affair, that included a criminal copyright infringement trial that railroaded four Swedish techs into jail terms and multiple million fines and damages? Now there's an avaaz.org petition for Peter Sunde, one of the defendants' pardon. Read up on the backrground in English or the original Swedish, then if you agree that the process did not deliver justice, please go to the petition page and add your signature." Link to Original Source top
badger.foo writes "Whenever you write about security in general and SSH security in particular (and for good measure also get slashdotted for your efforts), the comments inevitably turn up a variety of useful and less useful suggestions. One such suggestion invariably involves the odd practice called Port Knocking, which I've been circling for a while as a possible article subject. If you've considered including this in your arsenal of security features, I'll treat you to a few why nots in the following. Read on if you're interested in actual security in practice." Link to Original Source top
The Optimum Attack Rate for SSH Bruteforce? 1 Per 10 Seconds
badger.foo writes "Remember the glacially slow Hail Mary Cloud SSH bruteforcers? They're doing speedup tweaks and are preparing a comeback, some preliminary data reported by Peter Hansteen appear to indicate. The optimum rate of connections seems to be 1 per ten seconds, smack in the middle of the 'probably human' interval." Link to Original Source top
OpenBSD IPv6 Fragment Handling Sanity (+RFC compliance) Well Ahead of the Pack
badger.foo writes "Remember the Hail Mary Cloud of distributed ssh password guessing bots? They're back (or may have been active all along), but the latest news is that they seem to be numbering hundreds, not thousands like they did some years ago. Peter Hansteen speculates that maybe we are seeing the effect of sensible passwords polidies or a move to key only ssh logins. And they're still not even attempting to attack OpenBSD systems." Link to Original Source top
badger.foo writes "OpenBSD-current just turned 5.0-beta, providing us a preview of what the upcoming release (slated for November 1st) will look like. Book of PF author Peter Hansteen takes us through the main new features and explains the development process that has consistently turned out high-quality releases on time, every six months for more than a decade." Link to Original Source